[Gnuk-users] State of EdDSA in Gnuk / GnuPG

NIIBE Yutaka gniibe at fsij.org
Mon Jan 26 00:40:04 UTC 2015

On 19/01/2015 05:41, NIIBE Yutaka wrote:
> In the following script I use gnuk_token.py under gnuk/tool/.  It will
> overwrite the attribute of OpenPGP.3 (auth) key, provided the Auth
> passphrase is factory setting.
> ================================ enable-ed25519-gnuk-auth.py
> from gnuk_token import get_gnuk_device
> g = get_gnuk_device()
> g.cmd_select_openpgp()
> g.cmd_verify(3,"12345678")
> g.cmd_put_data(0,0xc3,"\x16\x2b\x06\x01\x04\x01\xda\x47\x0f\x01")
> ================================

0xc3 refers the data object for algorithm attribute of authentication
key.  \x16 is the (proposed) algorithm number for EdDSA.
\x2b\x06\x01\x04\x01\xda\x47\x0f\x01 is the OID of the curve Ed25519.

On 01/24/2015 11:32 PM, Bertrand Jacquin wrote:
> What can I use to enable EdDSA for signing key as well ?

Please use 0xc1 which refers the data object for algorithm attribute
of signature key.

Please note that OpenPGP EdDSA key is experimental and the format is
not stable (And there is no support for encryption with corresponding
algorithm).  I don't know about keyserver implementation(s), but it
may not yet handle unofficial format of EdDSA key.

More information about the gnuk-users mailing list